Access control for computer systems, services and resources is based on a defined set of access rights for a user, consumer or class of user or consumer. Notably, users or consumers can include other computer systems, software components or automated entities that make use of, or consume, services and/or resources. These access rights can be constituted as access control rules for a user or class that must be defined to determine permitted and/or non-permitted actions by a user such as access to resources and/or services.
Defining access control rules requires considerable effort to ensure all aspects of access control and behavior management are considered. Thus, rules can be defined on a per-resource or service basis, a per-user or class basis, and per-permission or user/consumer right basis. The multi-dimensional considerations in defining these rules therefore presents a considerable burden that it would be advantageous to mitigate.